package com.lb.activity.rest;

import com.lb.activity.po.Permission;
import com.lb.activity.po.User;
import com.lb.activity.service.PermissionService;
import com.lb.activity.service.UserService;
import com.lb.activity.util.PermissionTree;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.UnauthorizedException;
import org.apache.shiro.session.Session;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.ExceptionHandler;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.context.request.NativeWebRequest;
import org.springframework.web.servlet.ModelAndView;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import java.util.List;

/**
 * @author liubin
 */
@Api("基础跳转")
@RestController
public class IndexController {

    @Autowired
    private UserService userService;

    @Autowired
    private PermissionService permissionService;

    @GetMapping(value = {"/","login"})
    @ApiOperation(value = "跳转登录页面")
    public ModelAndView login(){
        return new ModelAndView("login");
    }

    @PostMapping("loginIn")
    @ApiOperation(value = "登录方法")
    public ModelAndView toLogin(String userName,String password,HttpServletRequest request){
        ModelAndView modelAndView = new ModelAndView();

        UsernamePasswordToken token = new UsernamePasswordToken(userName,password);
        Subject subject = SecurityUtils.getSubject();
        subject.login(token);
        User userShiro =(User) subject.getPrincipal();
        Session session = SecurityUtils.getSubject().getSession();
        User user = userService.userLogin(userName, password);
        if(user == null){
            modelAndView.setViewName("login");
            return modelAndView;
        }
        session.setAttribute("adminUser",userShiro);
        request.getSession().setAttribute("sessionUser",user);
        modelAndView.setViewName("redirect:/showGroup");
        return modelAndView;
    }

    /**
     * 避免重复登录
     * @param request
     * @return
     */
    @GetMapping(value = "/showGroup")
    @ApiOperation(value = "重定向跳转页面")
    public ModelAndView showGroup(HttpServletRequest request){
        ModelAndView modelAndView = new ModelAndView();
        //跳转到index之前，组装用户的权限
        User sessionUser = (User)request.getSession().getAttribute("sessionUser");
        if(sessionUser == null){
            request.getSession().removeAttribute("user");
            modelAndView.setViewName("login");
        }else {
            Long userId=sessionUser.getId();
            List<PermissionTree<Permission>> menus = permissionService.listMenuTree(sessionUser.getId());
            modelAndView.addObject("menus", menus);
            modelAndView.addObject("user",sessionUser);
            modelAndView.setViewName("main");
        }
        return modelAndView;

    }


    @GetMapping("welcome")
    @ApiOperation(value = "welcome页面")
    public ModelAndView welcome(){
        return new ModelAndView("welcome");
    }


    @GetMapping("logout")
    @ApiOperation(value = "退出")
    public ModelAndView logout(HttpServletRequest request){
        HttpSession session = request.getSession();
        session.removeAttribute("sessionUser");
        return new ModelAndView("login");
    }

    @ExceptionHandler({UnauthorizedException.class})
    public ModelAndView processUnauthenticatedException(NativeWebRequest request,
                                                        UnauthorizedException e) {
        ModelAndView mv = new ModelAndView();
        mv.addObject("exception", e.getMessage());
        mv.setViewName("404");
        return mv;
    }

}
